Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env sh
- ###################################################################################################
- # Checks for vulnerability in AIX RPC first issued May 8th. #
- ###################################################################################################
- #############
- # Variables #
- #############
- # These are all the levels vulnerable to this exploit.
- _vulnerable_levels=( "5.3.12.0" "5.3.12.1" "5.3.12.2" "5.3.12.3" "5.3.12.4" "5.3.12.5" "6.1.5.0" "6.1.5.1" "6.1.5.2" "6.1.5.3" "6.1.5.4" "6.1.5.5" "6.1.5.6" "6.1.5.7" "6.1.6.0" "6.1.6.1" "6.1.6.2" "6.1.6.3" "6.1.6.4" "6.1.6.5" "6.1.6.6" "6.1.6.7" "6.1.6.8" "6.1.6.9" "6.1.6.10" "6.1.6.11" "6.1.6.12" "6.1.6.13" "6.1.6.14" "6.1.6.15" "6.1.6.16" "6.1.7.0" "6.1.7.1" "7.1.0.0" "7.1.0.1" "7.1.0.2" "7.1.0.3" "7.1.0.4" "7.1.0.5" "7.1.0.6" "7.1.0.7" "7.1.0.8" "7.1.0.9" "7.1.0.10" "7.1.0.11" "7.1.0.12" "7.1.0.13" "7.1.0.14" "7.1.0.15" "7.1.0.16" "7.1.0.17" "7.1.1.0" "7.1.1.1" )
- # SSH Options.
- _ssh_opts='-q -o BatchMode=yes -o ConnectTimeout=20 -o ConnectionAttempts=1 -o ClearAllForwardings=yes'
- # Makes text bold.
- _b=`tput smso`
- # Unset text bold.
- _nb=`tput sgr0`
- _date=`date +"%m%d%y_%H%M%S"`
- _hosts="host1 host2 host3"
- for _host in ${_hosts}
- do
- # Go out to the server and make sure it is AIX. If it's not, skip it.
- _uname=`ssh ${_ssh_opts} ${_host} "uname"`
- if [ "${_uname}" != "AIX" ]; then
- continue
- fi
- # Get the fileset level for bos.net.tcp.client
- _actual_host_level=`ssh ${_ssh_opts} ${_host} "lslpp -L bos.net.tcp.client | grep bos.net.tcp.client | awk '{ print \\$2 }'"`
- # Failure counter.
- _fail=0
- # Main loop.
- for _vulnerable_level in ${_vulnerable_levels[@]}
- do
- # If the values from our array match actuals, then say so.
- if [ "${_actual_host_level}" = "${_vulnerable_level}" ]; then
- printf "${_host} is vulnerable with bos.net.tcp.client of ${_actual_host_level}.\n" | tee -a rpc.scan.${_date}
- _fail=`expr ${_fail} + 1`
- fi
- done
- # If our failure counter hasn't gone off, then declare us not vulnerable.
- if [ ${_fail} -eq 0 ]; then
- printf "${_host} is not vulnerable.\n" | tee -a rpc.scan.${_date}
- fi
- done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement